CLAIMS 



What is claimed is: 

5 1. A method for displaying a web based user interface 

over a network comprising: 

a) reading an HTTP request for authentication from a 
browser associated with a user, said HTTP request comprising 
credential information associated with said user; 
10 b) invoking a first plug-in module from a plurality of 

plug-in modules used to authenticate said user, said invoking 
based on said credential information, said plurality of plug- 
in modules providing authentication services; and 

c) dynamically generating an authentication user 
15 interface based on said HTTP request and configuration 
properties defined by said first plug-in module. 

2. The method of Claim 1, wherein c) comprises: 
cl) selecting a first web page template from a 
20 plurality of web page templates based on said credential 
information and said configuration properties; 

c2) retrieving additional information from memory to be 
displayed in said first web page template, wherein said first 
web page template comprises said user interface; and 
25 c3) incorporating said additional information into said 

first web page template. 
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3. The method of Claim 2, further comprising: 
configuring said first web page template with 

precompiled tag library components for rendering content in 
said authentication user interface. 

4. The method of Claim 2, further comprising: 
customizing said authentication user interface by 

modifying at least one of said plurality of web page 
templates . 

5. The method of Claim 1, further comprising: 
customizing said authentication user interface by adding 

at least one additional plug-in module in said plurality of 
plug-in modules. 

6. The method of Claim 1, wherein a) further 
comprises : 

al) receiving said HTTP request over said network from 
said user, said HTTP request comprising a login request to 
authenticate said user. 

7. The method of Claim 6, wherein said login request 
comprises : 

URL information; and 

query information comprising at least one URL parameter 
attached to said URL information, said query information 
comprising said credential information. 
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8. The method of Claim 1, further comprising: 
sending said authentication user interface to said 
browser over said network. 



9. The method of Claim 1, further comprising: 

d) validating authentication of said user; and 

e) generating a session token associated with said 
user, said session token authorizing access to services and 

10 content by said user, said session token also comprising said 
credential information and any additional credential 
information discovered when authenticating said user. 

10. A method for displaying a web based graphical user 
15 interface (GUI) over a network comprising: 

a) receiving an HTTP request for a first service from a 
browser associated with a user, said HTTP request comprising 
credential information associated with said user; 

b) invoking a first plug-in module from a plurality of 
20 plug-in modules, said invoking based on said credential 

information, said plurality of plug-in modules providing a 
plurality of services; and 

c) dynamically generating a first web based GUI based 
on said HTTP request and configuration properties defined by 

25 said first plug-in module. 
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11. The method of Claim 10, wherein said first service 
is an authentication service. 



12. 



The method of Claim 10, further comprising: 



5 



requesting additional credential information from said 



user; 



receiving said additional credential information from 
said user; 

dynamically generating a second web based GUI based on 
10 said additional credential information and said configuration 
properties. 

13. The method of Claim 10, wherein c) further 
comprises : 

15 cl) detecting a client type of said browser; and 

c2) configuring said first web based GUI to be 
supportable by said client type. 

14. The method of Claim 10, wherein said receiving in 
20 a) , said invoking in b) and said dynamically generating in c) 

substantially complies with the J2EE Assisted Take-Off (JATO) 
specification. 



15. 



The method of Claim 10, further comprising: 



25 



customizing said first GUI by modifying said 



configuration properties in said first plug-in module. 
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16. The method of Claim 10, further comprising: 
sending said GUI to said browser. 

17. A system for displaying a web based user interface 
over a network comprising: 

a web based user interface module for receiving an HTTP 
request over said network and dynamically generating a first 
user interface based on said HTTP request and configuration 
properties of a selected plug-in module; 

a plurality of plug-in modules coupled to said web based 
user interface module, each of said plurality of plug-in 
modules providing web services; and 

a model module coupled to said web based user interface 
module and said plurality of plug-in modules, said model 
module for selecting said selected plug-in module based on 
said HTTP request and for providing an interface between said 
web based user interface module and said plurality of plug-in 
modules. 

20 18. The system of Claim 17, wherein said web based 

user interface module comprises: 

a controller for selecting a first view renderer module 
from a plurality of view renderer modules based on credential 
information provided in said HTTP request, said credential 
25 information associated with a user sending said HTTP request; 

said plurality of view renderer modules coupled to said 
controller, each of said plurality of view renderer modules 
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10 



15 



controlling the distribution of content to a plurality of web 
page templates; and 

said plurality of web page templates. 



5 19. The system of Claim 17, wherein said model module 

comprises : 

an application program interface (API) layer for 
interfacing with said web based user interface; 

an service provider interface (SPI) layer coupled to 
10 said plurality of plug-in modules for interfacing with said 
plurality of plug-in modules; 

a Java Authentication and Authorization Service (JAAS) 
API layer coupled to said API layer for providing server 
authentication services; 
15 a JAAS service provider interface (SPI) layer coupled to 

said SPI layer for providing an interface between said 
plurality of plug-in modules and said JAAS API; and 

a framework layer for interfacing between said API 
layers and said SPI layers. 

20 

20. A computer system comprising: 
a processor; and 

a computer readable memory coupled to said processor and 
containing program instructions that, when executed, 
25 implement a method for displaying a web based user interface 
over a network comprising: 
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a) reading an HTTP request for authentication from a 
browser associated with a user, said HTTP request comprising 
credential information associated with said user; 

b) invoking a first plug-in module from a plurality of 
5 plug-in modules used to authenticate said user, said invoking 

based on said credential information, said plurality of plug- 
in modules providing authentication services; and 

c) dynamically generating an authentication user 
interface based on said HTTP request and configuration 

10 properties defined by said first plug-in module. 

21. The computer system of Claim 20, wherein c) in 
said method comprises: 

cl) selecting a first web page template from a 
15 plurality of web page templates based on said credential 
information and said configuration properties; 

c2) retrieving additional information from memory to be 
displayed in said first web page template, wherein said first 
web page template comprises said user interface; and 
20 c3) incorporating said additional information into said 

first web page template. 

22. The computer system of Claim 21, wherein said 
method further comprises: 

25 configuring said first web page template with 

precompiled tag library components for rendering content in 
said authentication user interface. 
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23. The computer system of Claim 21, wherein said 
method further comprises: 

customizing said authentication user interface by 
modifying at least one of said plurality of web page 
templates. 

24. The computer system of Claim 20, wherein said 
method further comprises: 

customizing said authentication user interface by adding 
at least one additional plug-in module in said plurality of 
plug-in modules. 

25. The method of Claim 20, wherein a) further 
comprises: 

al) receiving said HTTP request over said network from 
said user, said HTTP request comprising a login request to 
authenticate said user. 

26. The computer system of Claim 25, wherein said 
login request comprises: 

URL information; and 

query information comprising at least one URL parameter 
attached to said URL information, said query information 
comprising said credential information. 
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27. The computer system of Claim 20, wherein said 
method further comprises: 

sending said authentication user interface to said 
browser over said network. 

28. The computer system of Claim 20, wherein said 
method further comprises: 

d) validating authentication of said user; and 

e) generating a session token associated with said 
user, said session token authorizing access to services and 
content by said user, said session token also comprising said 
credential information and any additional credential 
information discovered when authenticating said user. 
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